John C Klensin <john@xxxxxxx> wrote:
>
> Please correct me if I'm wrong, but it seems to me that
> DANE-like approaches are significantly better than traditional
> PKI ones only to the extent to which:
>
> - The entities needing or generating the certificates
> are significantly more in control of the associated DNS
> infrastructure than entities using conventional CAs are
> in control of those CAs.
>
> - For domains that are managed by registrars or other
> third parties (I gather a very large fraction of them at
> the second level), whether one believes those registrars
> or other operators have significantly more integrity and
> are harder to compromise than traditional third party CA
> operators.

Yes, but there are some compensating pluses:

You can get a meaningful improvement to your security by good choice of registrar (and registry if you have flexibility in your choice of name). Other weak registries and registrars don't reduce your DNSSEC security, whereas PKIX is only as secure as the weakest CA.

DNSSEC has tricky timing requirements for key rollovers. This makes it hard to steal a domain without causing validation failures.

An attacker can use a compromise of your DNS infrastructure to get a certificate from a conventional CA, just as much as they could compromise DNSSEC-based service authentication.

Tony.
--
f.anthony.n.finch <dot@xxxxxxxx> http://dotat.at/
Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first. Rough, becoming slight or moderate. Showers, rain at first. Moderate or good, occasionally poor at first.